detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 22 Mar 2023 13:49:35 GMT
Age: 44016
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
188.114.97.1301 Moved Permanently 0 B URL HTTP/1.1 alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /email/verification/3dxcjz/info@slurpmail.net HTTP/1.1
Host: alduffield.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 23 Mar 2023 02:03:11 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 23 Mar 2023 03:03:11 GMT
Location: https://alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6vLorsB7VXobET5Qc89CjjR8hytxk6HXsOsZP2B3XqkDqfHKx7OoNxLjV4OAmtdJ5c2LB97onwEpzcc4VzSNBkvfq2bkViGzWfyXgRUjmP%2B0G%2FvXduunbKNTopVvAJRBDHO7g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ac318b5fc781c0a-OSL
alt-svc: h2=":443"; ma=60
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 22 Mar 2023 13:49:35 GMT
Age: 44017
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash c6f7c518dbbcb19a325e251d68170cb2
7f8340a25fac1bd72773608a9a072029f27a6ce5
570b9a9f3e6cf59753a906e65f1cf46bc2383abb143311c4d1f4a27d01dfd70e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1988
Cache-Control: max-age=138316
Content-Type: application/ocsp-response
Date: Thu, 23 Mar 2023 02:03:12 GMT
Etag: "641b24e8-1d7"
Expires: Fri, 24 Mar 2023 16:28:28 GMT
Last-Modified: Wed, 22 Mar 2023 15:55:20 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
54.214.73.137200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 54.214.73.137:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Thu, 23 Mar 2023 02:03:12 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: W1AiYzp2/ge0NRbAkJWPsEPfDiRNDqwuQP+zBP2FMjhPczwunv+zzyD9X3sIhFSL0m0dqyPVTVc=
x-amz-request-id: 3Q0N047DZS2B5A6F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 01:16:17 GMT
age: 2815
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 02:03:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Mar 2023 01:17:23 GMT
age: 2750
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
detectportal.firefox.com/success.txt?ipv4
34.107.221.82200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Wed, 22 Mar 2023 13:49:35 GMT
Age: 44018
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
push.services.mozilla.com/
52.38.211.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.211.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dlmkv378cfdWdYTdk+ZpOA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: N4f/O7luaK1bIgF0dpMLE66c4z0=
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679529664549%22
35.241.9.150200 OK 22 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221679529664549%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (22067), with no line terminators
Hash 783ab9de732c3a328f57a7b80b18d9bd
0d67accffa91f4cc9e1eb0445587bbeea485cc82
f60d49c133b48d099d5d3df2930347a077c36bdafa42560d7615c35ff3ca9d79
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221679529664549%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 22067
via: 1.1 google
date: Thu, 23 Mar 2023 02:02:01 GMT
age: 72
last-modified: Thu, 23 Mar 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
35.241.9.150200 OK 9.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (9105), with no line terminators
Hash 3bf8b222f5f31c3ab484dbb4bf3c90bd
3a90ff55f82f7136aca51508621ff791c1c270bc
f08329d6b4438dc9bbf89b29a5b8537881bbd081000a90a66e031cd575fb5d9d
GET /v1/buckets/blocklists/collections/gfx/changeset?_expected=1677879347585&_since=%221643818378440%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 9105
via: 1.1 google
date: Thu, 23 Mar 2023 01:22:58 GMT
age: 2416
last-modified: Sat, 18 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: R4uitG61GOsOZNLZvS+4Pb0ArxwXXQzli8dvUXB2fCMw/kDJxjmxxppKG62NukXue07ZXo0zKVeS20ymVFbAEw==
x-amz-request-id: HRY7Z9TB2DJMNZ2J
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Mar 2023 01:53:52 GMT
age: 562
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
35.241.9.150200 OK 40 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (40041), with no line terminators
Hash 698d46ecc1de32df2852df324d4b72d3
e41fdce23323d1f9227e8ebb11f012b07124dfc2
ae0e5e0bc68eaed69d1d5e8ba1d2c6dac4262abba683c1d13b3d870a6e2936a4
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1679013443657&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 40041
via: 1.1 google
date: Thu, 23 Mar 2023 01:03:40 GMT
age: 3574
last-modified: Fri, 17 Mar 2023 00:37:23 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Mar 2023 01:27:30 GMT
content-type: application/json
age: 2144
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
alduffield.com.au/favicon.svg
188.114.97.1200 OK 2.1 kB URL HTTP/2 alduffield.com.au/favicon.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with very long lines (2036), with no line terminators
Hash 85ec0eb20d370b30aa1f7d58693c41db
98f2f32c1a0b2e6bce3331d9f3744e5c26a23792
eb483bc5c611a88e41aab4b2231059c4dbaa00ebad6a567832b87ceb07fd555c
Analyzer Verdict Alert fortinet Phishing
GET /favicon.svg HTTP/1.1
Host: alduffield.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 02:03:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Wed, 24 Aug 2022 06:04:45 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 3572
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2BSPvbtfDob%2B226gHOpeMM3M9%2F4L%2FOE1jU76jtWt1lTCS%2FAcUgkHrad%2BayiTtgK9NqY6WRG70jFfdmR1KsO1raZT45EBeNWzY9z84TrVO7YvKDhtjoUUTvbe1Xu00FykkNiWjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac318bc8cb4b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f777f840a3fc7e500c57a7cbdf88f26d
3518e8a18807209e94011806a96492e0d86ee9c9
44aa32fa1bf15785a4dd8cd6184772fb268113cbf459f5f30a70ff5ca66c9e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a7546f8-3d34-4fb4-b63f-8e8098b48c30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7419
x-amzn-requestid: bc02abbe-706d-42af-b963-0163b07b87c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xbnE7OIAMFW2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641562b0-247606a3713a20d25cf83763;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:20 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W_FZ-TYlfmS1JSvZVG4v_4Iag3ssm5J2oYgk0LBdKqv-Q0KST6FkDQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 20500
etag: "3518e8a18807209e94011806a96492e0d86ee9c9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 90f64fe111aa6e90ebf52e0335d21b75
4f25bdbffca3803b02c196c38491223684d36b4d
37894e16112286470b7fd2e0bbd5ca74944e6cb5ca6e8aff189c4515122a0d40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F772d9c75-9796-494f-9fc4-91d04e2bac53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: f2297c3e-1187-48f5-bffb-c5ea1a79a10b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBFgcF4_oAMFd6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b602-02696af01c0d586c631c5b45;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:13:06 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: R9mjcik3i0kISOeO4gVZP6XhhvZO00mriabAtJ8vv1kNhRpz_lfsHQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:39:55 GMT
age: 66200
etag: "4f25bdbffca3803b02c196c38491223684d36b4d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a774aa1a206523471dfa75b624be2af
e41ca3e0550e74562b0374565225444ffb977c4e
208ea0f25d7bde64057701891811cdb8c0a67b6f60899ca514fbaf2e04d595bc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa9cba5-a508-44d3-b8ad-393590528e8b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9550
x-amzn-requestid: 0c3d2b49-9407-4d12-930a-83e585c165b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBF7kFvwIAMF43g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b6b0-59461f0119abb54f773150a0;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:16:00 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: wVn33PkqDp-KFwzsDiNz8uSRuW2lwBLllYsQevboO6qidq1OkL-X5Q==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:33:44 GMT
age: 12571
etag: "e41ca3e0550e74562b0374565225444ffb977c4e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3aa18378fc5715083fb26bd0d62f382
ee683e481a4501d2ab8ca63d1426d6fab6f2b064
8aade71c4b55f6a9daab28a05a90bcc3c6c01b700aa48d2f8ccdb1992fa5ee81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F26aea22c-e627-45d1-bce6-55eaa4acfd06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10816
x-amzn-requestid: 60a537d2-1b8a-4ae2-967c-a7e57c818cc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9xY0EHqoAMFrrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6415629e-1be08f9f3a13492717fdaa48;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:05:02 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: pFf9EtVQUyRcUOT6Aj_L88__ZyBlVX61cOmPi70WnyxxPteVUFFXEw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3f3347264bcaae7af741e2a2f692c6a0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 20:21:35 GMT
age: 20500
etag: "ee683e481a4501d2ab8ca63d1426d6fab6f2b064"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b877c9b1fa2292db9a135eff3c3995c
919df81af94dd2dc33516bba4632c417d4313d9f
e6d61f94237d97be08a89d16b3c86c44e624c021906e6d94c74395751caf8d4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77cfac24-9654-4b34-9264-7d0268ec9c29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10239
x-amzn-requestid: 3df584e9-63cf-42c6-8b3a-d212a9b1b9ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CBGTLH3wIAMFpFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6416b747-4deaa0770aae24c17c4e4edf;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 07:18:31 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: pNoGlkaYZhWFCF11qRn6HVWBUiz2Rm7jmwB_N-6hXM0xYuTMeNgoEQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 22:06:49 GMT
age: 14186
etag: "919df81af94dd2dc33516bba4632c417d4313d9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a72dbc-373a-4f8e-af8b-0ed08e2803e6.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a72dbc-373a-4f8e-af8b-0ed08e2803e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad549baba5e36a47876bd01552d5d91d
2de066240ff8c399fa1eb3b87fe7673294ee207c
fdd10f366b8acf79ea4aac5fa47233e351d923dc21d669fe98b48487870244b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb7a72dbc-373a-4f8e-af8b-0ed08e2803e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6668
x-amzn-requestid: 18a822d0-3a3c-4225-a297-c5cb93b28663
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM8H3FEBIAMFkrg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b73cb-309c2ab7261fd7c635c54555;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: j7fwAGMlwzH37FPGzKKqu9cpdi8xI6GOF7iG5yMUvhXt43IXx2ALZg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 21:43:54 GMT
age: 15561
etag: "2de066240ff8c399fa1eb3b87fe7673294ee207c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BygVh3uOGQ7VTy3+RFjYxlXnj/v6se6DnWv4KXDCrceZef2tIV7pWLHyfRxGcYWcBcrf+OEtxiCAkkxFj1/Ogw==
x-amz-request-id: MCV8ZR76EXX5VBMR
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Thu, 16 Mar 2023 11:49:16 GMT
age: 569640
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22
35.241.9.150200 OK 64 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (64316), with no line terminators
Hash c5737c392fec8ab9e2820ec996875a7a
543c7af7c9e3a0165cbaff7162202b485af617da
9e5bdc355682998dee839d109d215bd7858720013b90ef3281235ed6c852b8e1
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1679529664549&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 64316
via: 1.1 google
date: Thu, 23 Mar 2023 01:03:40 GMT
age: 3576
last-modified: Thu, 23 Mar 2023 00:01:04 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679431865124&_since=%221666279968541%22
35.241.9.150200 OK 87 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679431865124&_since=%221666279968541%22
IP 35.241.9.150:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 53e85e2ed3d5debbb138a016a250bc70
2807824fe1f515a1d14c00515de79d6f997860b5
a42c02b270d3cb10126b30e4b41ae241f07db3ebfb5fd4f5239c0f9c7ecf3f25
GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1679431865124&_since=%221666279968541%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 86979
via: 1.1 google
date: Thu, 23 Mar 2023 01:03:41 GMT
age: 3575
last-modified: Tue, 21 Mar 2023 20:51:05 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
35.241.9.150200 OK 7.0 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (6983), with no line terminators
Hash 259c63666839343d666a293de9e3d7b3
2eb4f6399be8ec867b36714423e06929b8a04213
8f4521fb02b3f081367469a39f6d5dca0a14c8bcc8e66f3e374adf6d0ecabeba
GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1678202119172&_since=%221662044085942%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 6983
via: 1.1 google
date: Thu, 23 Mar 2023 01:51:19 GMT
age: 717
last-modified: Tue, 21 Mar 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
35.241.9.150200 OK 1.6 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1647), with no line terminators
Hash b6a9d93923579c92355cde6a0247ebe4
5aacc09f19d3fda30e47c55995b19d22e77d6764
ff32dcc803a931b38db625bbf50f169860022bdebb652ea949ddf1f8659c34c6
GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1678736907773&_since=%221656585893704%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1647
via: 1.1 google
date: Thu, 23 Mar 2023 01:16:03 GMT
age: 2833
last-modified: Tue, 21 Mar 2023 16:36:43 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 01b690964dee95d05c2514fbd8e0ca10
7095b979dd9ac6675ae4d1cf0130826045e03266
254b3294433c758c9591b6cba0e31d8453a6eec372af315d0f39056d020a6acd
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Thu, 23 Mar 2023 01:14:10 GMT
age: 2946
last-modified: Fri, 17 Mar 2023 16:36:59 GMT
etag: "1679071019113"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1250), with no line terminators
Hash 6e9207f14bc4e1dacd75ae700db68d24
83e39f11d653a520e625f85ee1bfc792dfcb0252
18dc7a0b3c12d96a4a26b31a47e0bdf22509ec2727eabbba9457dc9102c30044
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1250
via: 1.1 google
date: Thu, 23 Mar 2023 01:07:30 GMT
age: 3346
last-modified: Fri, 17 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
35.241.9.150200 OK 1.7 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1742), with no line terminators
Hash 15fac2acaa5e46514ba26b94c9120bb3
84ad721feea570de94a40fec3d0e176937829f4e
fa5eb055710eff6d1f9a27b71a6424ee6213bb4b5243da7cc1b1470270ad95c8
GET /v1/buckets/main/collections/password-recipes/changeset?_expected=1674595048726&_since=%221642005109349%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1742
via: 1.1 google
date: Thu, 23 Mar 2023 02:01:08 GMT
age: 128
last-modified: Fri, 17 Mar 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
35.241.9.150200 OK 2.4 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2387), with no line terminators
Hash 8433183bfaa3cc12d07724843f7b08ac
8583ff32a05d04833f0c9f1e0ea8b95571a7367c
8fffd47f59b9894dd9703fefb151b4047d99bf8d6d844c1f7302633da2d9d1cf
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1675943045406&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2387
via: 1.1 google
date: Thu, 23 Mar 2023 01:07:41 GMT
age: 3335
last-modified: Fri, 17 Mar 2023 16:36:46 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
35.241.9.150200 OK 25 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (25354), with no line terminators
Hash 350cfa5488b9cfce345b6410b04d5307
fc3ee8d31aa9ba9353beff9a42c93855da3bf5e9
103e8b0147854a1236e477dd5e951246463f098592a5549560c20fc98d8c1f35
GET /v1/buckets/main/collections/search-config/changeset?_expected=1678922485545&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 25354
via: 1.1 google
date: Thu, 23 Mar 2023 01:56:44 GMT
age: 392
last-modified: Wed, 15 Mar 2023 23:21:25 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 2c6deb199b3a43e62e4423bde1127c13
3bdb809be246e6a226ab6af05e6cb7ecca621d7d
200bc6608eaa3cdb6d274d84655ac94f1d1d5f33249c2d33a0155629900ce507
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Thu, 23 Mar 2023 01:04:16 GMT
age: 3540
last-modified: Wed, 15 Mar 2023 16:36:49 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150200 OK 934 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (934), with no line terminators
Hash c88ba032388de9b5463fd8ee96221426
792e2a7e9bf312a80eb3799b807588aaae55ec42
c7b5a104191bcf5c6ea0b7fe78b2b71b5c438c14af5e3a38bab31b431371d556
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Thu, 23 Mar 2023 02:02:28 GMT
age: 48
last-modified: Wed, 15 Mar 2023 16:36:48 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
alduffield.com.au/email/verification/3dxcjz/altstyle.css
188.114.97.1200 OK 0 B URL HTTP/2 alduffield.com.au/email/verification/3dxcjz/altstyle.css
IP 188.114.97.1:0
GET /email/verification/3dxcjz/altstyle.css HTTP/1.1
Host: alduffield.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 23 Mar 2023 02:03:12 GMT
content-type: text/html
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3573
last-modified: Thu, 23 Mar 2023 01:03:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vR61yIiuWfPk5FDyQivTZ3GIHn0l6SLZcto5IzC7y%2FtAzLzq0qrZLojS26t%2BnmYqgqLEPPd8g%2FEpWGKJzxygcxLKjZVVdd3RhjLDupUHJJ8iL8ThgB80hxqrLfi9zuhP0QCYRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac318bc1c7eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
alduffield.com.au/email/verification/3dxcjz/web_images/Untitled.mp4
188.114.97.1206 Partial Content 0 B URL HTTP/2 alduffield.com.au/email/verification/3dxcjz/web_images/Untitled.mp4
IP 188.114.97.1:0
Analyzer Verdict Alert fortinet Phishing
GET /email/verification/3dxcjz/web_images/Untitled.mp4 HTTP/1.1
Host: alduffield.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
date: Thu, 23 Mar 2023 02:03:12 GMT
content-type: text/html
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3573
last-modified: Thu, 23 Mar 2023 01:03:39 GMT
content-range: bytes 0-940/941
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7y%2BsZIV2LHbNwxjJMDhnGjUyv6IsuJsbc4fbIxMmUr4FiA0PhYENe9ZCNEeeT1xyHL2wJSe0lrut7JTWE8L2KMEdBiGsBwkX0e8rZ2mnuLKQq4%2Ba2kQmuZ7Blxv8GUtYmfXICA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac318bc3c91b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
34.120.5.221200 OK 0 B URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30
IP 34.120.5.221:0
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US®ion=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Mar 2023 02:03:13 GMT
content-type: application/json
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: pylFjEkfSk1Xx9BpqlDNdPlQ2bAcp15oIo75u_y8e-SGc0wPsyIlxg==
age: 143
content-encoding: gzip
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 google
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
188.114.97.1200 OK 0 B URL HTTP/2 alduffield.com.au/email/verification/3dxcjz/info@slurpmail.net
IP 188.114.97.1:0
Analyzer Verdict Alert fortinet Phishing
GET /email/verification/3dxcjz/info@slurpmail.net HTTP/1.1
Host: alduffield.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 23 Mar 2023 02:03:12 GMT
content-type: text/html
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1%2FeKTb3DYlaz0GRGmuPaHpQIASPp1VkFqvfoicyJUaGP%2FUpA8Ch08oNIhHnpGyNfd%2F7jt6rGPK8cDQCcMvr%2Bk99oC2Gmb9UMBQyKRYjgmHhzBp1pAH%2FIBf3xAKU8lD2cfmArA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ac318b70a2ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2